Static task
static1
Behavioral task
behavioral1
Sample
OlympicDestroyer.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
OlympicDestroyer.exe
Resource
win10v2004-20240802-en
General
Target
OlympicDestroyer.bin
Size
1.8MB
MD5
cfdd16225e67471f5ef54cab9b3a5558
SHA1
26de43cc558a4e0e60eddd4dc9321bcb5a0a181c
SHA256
edb1ff2521fb4bf748111f92786d260d40407a2e8463dcd24bb09f908ee13eb9
SHA512
e1855a872f4db7c17eb22130d9cb205eddde641f1b39ea5de97dfb762fc97dc2347bc6e6e88b9c5a303e1540b4b4bdb19c839c7d3e237348adbfa4b942f24adb
SSDEEP
49152:R9dnjRSnRMWHrVDoqNcVhcAwARGcWRrLy3pNq:3dVSRMUrVDEVHLRGdRrLy5N
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource OlympicDestroyer.bin
Files
OlympicDestroyer.bin.exe windows:5 windows x86 arch:x86
975087e9286238a80895b195efb3968d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersionExW
GetModuleHandleA
CreateEventW
MultiByteToWideChar
Sleep
GetTempPathA
CopyFileA
GetLastError
GetFileAttributesA
CreateFileA
SetEvent
TerminateThread
DeleteFileW
CloseHandle
LoadLibraryW
CreateThread
GetOverlappedResult
VirtualProtectEx
GetWindowsDirectoryW
GetProcAddress
VirtualAllocEx
LocalFree
GetFileSize
DeleteCriticalSection
ExitProcess
GetCurrentProcessId
CreateProcessW
GetModuleHandleW
CreateRemoteThread
CreateProcessA
CreateEventA
ConnectNamedPipe
GetComputerNameA
GetFileAttributesW
HeapFree
HeapAlloc
GetProcessHeap
GetTempPathW
GetTickCount
SizeofResource
LockResource
LoadResource
FindResourceW
FindFirstFileExW
CreateFileW
LocalAlloc
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
CreateNamedPipeW
GetModuleFileNameW
TerminateProcess
InterlockedDecrement
WriteFile
ReadFile
GetCurrentProcess
GetCommandLineW
EnterCriticalSection
WriteProcessMemory
CancelIo
FindClose
DecodePointer
SetEndOfFile
HeapSize
WriteConsoleW
FlushFileBuffers
GetStringTypeW
SetStdHandle
ReadConsoleW
SetFilePointerEx
GetModuleFileNameA
FreeLibrary
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
WideCharToMultiByte
EncodePointer
RaiseException
RtlUnwind
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetStdHandle
GetModuleHandleExW
GetACP
HeapReAlloc
GetConsoleCP
GetConsoleMode
GetFileType
FindNextFileW
user32
wsprintfW
advapi32
CryptAcquireContextW
CryptReleaseContext
LookupPrivilegeValueW
AdjustTokenPrivileges
CryptGenRandom
LookupPrivilegeNameW
CopySid
IsValidSid
LogonUserA
OpenProcessToken
ConvertSidToStringSidW
GetLengthSid
LookupAccountSidW
GetTokenInformation
shell32
SHGetSpecialFolderPathW
CommandLineToArgvW
ole32
CoCreateGuid
CoTaskMemFree
CoSetProxyBlanket
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoUninitialize
oleaut32
SysFreeString
SysAllocString
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
VariantClear
SafeArrayCreate
iphlpapi
GetIpNetTable
ws2_32
FreeAddrInfoW
GetAddrInfoW
WSACleanup
WSAStartup
ntohl
credui
CredUIParseUserNameW
netapi32
NetApiBufferFree
NetGetDCName
Sections
.text Size: 117KB - Virtual size: 117KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 308B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ